package com.hjk.waibao.mj.interceptor;

import com.alibaba.fastjson.JSONObject;
import com.hjk.waibao.mj.annotation.LoginUser;
import com.hjk.waibao.mj.annotation.UserId;
import com.hjk.waibao.mj.bean.ApiResult;
import com.hjk.waibao.mj.bean.SessionKey;
import com.hjk.waibao.mj.common.model.User;
import com.hjk.waibao.mj.common.model.UserPower;
import com.jfinal.aop.Interceptor;
import com.jfinal.aop.Invocation;
import com.jfinal.json.Json;
import com.jfinal.kit.PropKit;
import com.jfinal.weixin.sdk.utils.JsonUtils;

import java.lang.reflect.Parameter;

public class UserPowerInterceptor implements Interceptor {
    public static String adminId = PropKit.get("admin_id");

    @Override
    public void intercept(Invocation invocation) {
        Integer level = UserPower.getMaxPower(invocation.getController().getRequest().getServletPath());
        invocation.getController().setAttr("userJson", "null");
        SessionKey sessionKey = SessionKey.getSessionKey(invocation);
        User user = null;
        if (sessionKey != null) {
            user = User.dao.findById(sessionKey.getUserId());
//            setUserAttr(invocation, user);
            if (user != null) {
                invocation.getController().setAttr("user", JsonUtils.toJson(user));
                invocation.getController().setAttr("userJson", JsonUtils.toJson(user));
                setUserAnno(invocation, user);
            }
        }
        if (level == null) {
            invocation.getController().renderJson(ApiResult.createFail("未配置权限:" + invocation.getController().getRequest().getServletPath()));
        } else if (level == 0) {
            invocation.invoke();
        } else if (level == 1) {
            if (user == null) {
                invocation.getController().renderJson(ApiResult.createFail("请登录"));
                return;
            } else {
                invocation.invoke();
            }
        } else if (level == 2) {
            if (user == null) {
                invocation.getController().renderJson(ApiResult.createFail("请登录"));
            } else if (!adminId.equals(sessionKey.userId)) {
                invocation.getController().renderJson(ApiResult.createFail("无权限"));
            } else {
                invocation.invoke();
            }
        }
    }

    private void setUserAnno(Invocation invocation, User user) {
        for (int index = 0; index < invocation.getMethod().getParameters().length; index++) {
            Parameter parameter = invocation.getMethod().getParameters()[index];
            if (parameter.getAnnotation(UserId.class) != null) {
                invocation.setArg(index, user.getId());
            }
            if (parameter.getAnnotation(LoginUser.class) != null) {
                invocation.setArg(index, user);
            }
        }
    }

    public void setUserAttr(Invocation invocation, User user) {
        invocation.getController().setAttr("user", user);
        JSONObject jsonObject = JSONObject.parseObject(Json.getJson().toJson(user));
        jsonObject.put("password", null);
        invocation.getController().setAttr("userJson", jsonObject.toString());
    }

}
